Media Coverage Archive

Tuesday | April 19, 2016

Four Reasons Why Mobile Containerization Now Matters More Than Ever

BLACKBERRY BUSINESS BLOG – The mobile industry has reached an inflection point. The value of providing employees with greater productivity must be balanced against threats such as data leakage, lost and stolen devices, and unsafe user practices. As employee-owned devices become more widespread in enterprise and businesses start moving up the mobile maturity curve, traditional mobile device management (MDM) offers insufficient security controls.

Businesses have thus started to turn elsewhere. Consumer-oriented devices have begun to ship with on-device containerization. Solutions such as Android for Work, Apple iOS Managed Apps and Samsung KNOX have grown increasingly common.

“App containers have begun to evolve as a complement or even a replacement for MDM as the foundational security layer for enterprise mobility,” reads a recent Good Technology White Paper. “Containers are a transformative technology for enabling enterprises to confidently deploy mobile apps that access corporate data and network resources with security and control, enabling users to work anywhere, anytime while still protecting corporate data and user privacy.”

Let’s talk about what’s behind this security evolution. What specific factors have driven this widespread adoption of app containerization – and why? More importantly, how can you tell the difference between an effective containerization tool and an ineffective one?

1. We Need to Address the Threat of Data Leakage and Malware

Although mobile malware still remains a threat, businesses should be more concerned with plugging data leaks. According to Appthority’s Q1 2016 Enterprise Mobile Threat Report, 48.2% of applications on iOS and 86.7% of applications on Android are prone to data leakage, while nearly the same number exhibit privacy-invasive behaviors like location tracking, accessing address book information or transmitting device ID details.

Insecure apps are not the only potential source of data leakage – in a non-containerized environment, an employee might inadvertently forward sensitive files through their personal email account or upload business data to a personal cloud storage tool.

“Data leakage and loss from negligent file sharing and information collaboration practices is becoming just as significant a risk as data theft,” notes a 2014 Ponemon Institute survey. “Consumer grade file-sharing cloud applications are popular with both employees and organizations because they make it possible for busy professionals to work efficiently together. However, [there are] holes in document and file level security in part caused by their expanded use.”

According to the survey, 61% of employees make use of personal file-sharing apps in the workplace, send unencrypted emails and forward documents to unauthorized parties. Implementing a secure container not only cuts insecure apps off from sensitive data, but also makes it less likely employees will accidentally use personal apps or accounts in the workplace – there will be a clear demarcation between private and professional.

2. Consistency Is Key

With the number of devices per person slated to hit an average of 4.3 by 2020, employees are increasingly jumping between devices and form factors in the workplace. This situation borders on nightmarish for IT, as every OEM implements device security in a different fashion. In order to adequately manage security on Android, for example, an IT department must understand the intricacies of every single permutation of the OS.

This lack of consistency not only places undue stress on IT, but also puts the entire business at risk. A system, after all, is only as strong as its weakest link. All that is necessary for a breach to occur is for one device’s security controls to be insufficient.

An external solution is necessary here. You need an app containerization platform that provides consistent security controls across devices and form factors. Currently, there exists only one solution that fits this description – but more on that in a moment.

I doubt you’ll find anyone who would argue an employer has the right to track what employees do with their personal lives, but enterprise location tracking and data collection apps like Xora cannot distinguish between work and personal use. They’ll continue doing what they were designed for, regardless of whether or not an employee is on the clock. This means that without containerization, those apps could be violating the privacy of employees and running afoul of data privacy laws and the FTC.

They may also cause users to opt out of BYOD programs in the interest of protecting their own privacy, reducing adoption within the organization. This will, in turn, foster dissatisfaction among staff, and make it more difficult to implement new mobility initiatives. Separation of work and personal data on employee devices ensures that this will not happen.

How Good Does Containerization Better

The majority of containerization solutions focus on ring-fencing applications through less-than-secure device-level controls. The security scope of these solutions is also typically narrow, and focused on protecting app data or content such as corporate documents. They do not, for example, secure the interactions between different apps.

“Three C’s” security: Our app containers not only encrypt the applications themselves, but also inter-app communication. Configuration details and user credentials are protected alongside content, and all data – whether at rest or in transit – is protected by FIPS-validated encryption against intrusion.

Device-independent encryption: Our app containerization process and its related encryption is device-independent. This means that even if a criminal cracks a stolen device, they still can’t gain access to the content, credentials and configuration details. And it doesn’t matter what device an employee uses, either – security is consistent across all of them.

A superior user experience: Our app containers support single-sign-on authentication, allowing users to log in once to gain access to all Good-secured apps on their device.

By combining our mobile app container with a device container like Secure Work Space, your business not only protects user privacy, but also safeguards its information, credentials and infrastructure data at every level.